Does this cover state-level privacy laws like NY DFS 500?

Yes, the skill includes guidance on evaluating compliance with New York DFS 23 NYCRR 500 and determining breach notification obligations across various state jurisdictions.

Can it assist with SEC cybersecurity examination preparation?

Absolutely. The skill covers key exam areas including governance, access controls, data loss prevention, and incident response testing based on SEC priorities.

How does it handle identity theft prevention?

It provides a framework for building an Identity Theft Prevention Program (ITPP) under Regulation S-ID, including the identification and detection of 'Red Flags'.

Does this skill help with Regulation S-P requirements?

Yes, it provides detailed guidance on the three core components of Reg S-P: Privacy Notice requirements, Opt-Out requirements, and the Safeguards Rule.

Privacy and Data Security Compliance

Name: Privacy and Data Security Compliance
Author: JoelLewis

byJoelLewis

•

安全与测试

Implements and manages data privacy and cybersecurity programs for SEC-registered financial institutions under Reg S-P and Reg S-ID.

This skill provides specialized guidance for financial services firms to design, implement, and operate privacy and data security programs that meet SEC regulatory standards. It offers comprehensive support for Regulation S-P compliance (Privacy of Consumer Financial Information), Regulation S-ID (Red Flags Rule), and SEC cybersecurity examination expectations. By integrating best practices for incident response planning, vendor risk management, and data classification, this skill helps investment advisers and broker-dealers maintain robust administrative, technical, and physical safeguards while navigating complex state and federal breach notification obligations.

主要功能

01Vendor and third-party security due diligence

02SEC Regulation S-P and S-ID compliance frameworks

03Cybersecurity examination preparation and risk assessment

04Data breach response and notification planning

0518 GitHub stars

06Privacy notice drafting and FAST Act exception evaluation

使用场景

01Drafting an annual privacy notice and evaluating FAST Act eligibility

02Developing a written information security program (WISP) under the Safeguards Rule

03Responding to a customer data exposure incident and assessing notification triggers

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add joellewis/finance_skills privacy-data-security

For use in Claude.ai and ChatGPT

Download Skill